Ubuntu
glibc package

glibc 2.7-10ubuntu8.1 source package in Ubuntu

Changelog

glibc (2.7-10ubuntu8.1) hardy-security; urgency=low

  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE:
    - debian/patches/any/submitted-nis-shadow.diff remove encrypted
      passwords from passwd entries, and add them in shadow entries and
      fix incorrect password overwriting
    - CVE-2010-0015
  * SECURITY UPDATE: memory consumption denial of service in fnmatch
    - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
      stack use in fnmatch.
    - CVE-2011-1071
  * SECURITY UPDATE: /etc/mtab corruption denial of service
    - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
      error in addmnt even for cached streams
    - CVE-2011-1089
  * SECURITY UPDATE: insufficient locale environment sanitization
    - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
      LANG environment variable.
    - CVE-2011-1095
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: fnmatch integer overflow
    - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
      pattern in wide character representation
    - CVE-2011-1659
  * SECURITY UPDATE: signedness bug in memcpy_ssse3
    - debian/patches/any/glibc-CVE-2011-2702.patch: use unsigned
      comparison instructions
    - CVE-2011-2702
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864
 -- Steve Beattie <email address hidden>   Tue, 06 Mar 2012 10:06:52 -0800

Upload details

Uploaded by:
Steve Beattie
Uploaded to:
Hardy
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
glibc_2.7.orig.tar.gz 15.2 MiB fe9e627921768cfdef9e059a2698ac7b5a5c2303b870db4252a443455a8fd135
glibc_2.7-10ubuntu8.1.diff.gz 797.8 KiB cef5b907c557fadc7fdc3d9b5790bb56247873fd891ae2a3316832b5f3da8dba
glibc_2.7-10ubuntu8.1.dsc 2.9 KiB df466ea68984a7fb4a099466ff09e5a0aacd0a3afa62f3774b9ebf4ad4bf440b

Available diffs

View changes file

Binary packages built by this source

glibc-doc: No summary available for glibc-doc in ubuntu hardy.

No description available for glibc-doc in ubuntu hardy.

glibc-source: No summary available for glibc-source in ubuntu hardy.

No description available for glibc-source in ubuntu hardy.

libc6: No summary available for libc6 in ubuntu hardy.

No description available for libc6 in ubuntu hardy.

libc6-amd64: No summary available for libc6-amd64 in ubuntu hardy.

No description available for libc6-amd64 in ubuntu hardy.

libc6-dbg: No summary available for libc6-dbg in ubuntu hardy.

No description available for libc6-dbg in ubuntu hardy.

libc6-dev: No summary available for libc6-dev in ubuntu hardy.

No description available for libc6-dev in ubuntu hardy.

libc6-dev-amd64: No summary available for libc6-dev-amd64 in ubuntu hardy.

No description available for libc6-dev-amd64 in ubuntu hardy.

libc6-dev-i386: No summary available for libc6-dev-i386 in ubuntu hardy.

No description available for libc6-dev-i386 in ubuntu hardy.

libc6-dev-ppc64: No summary available for libc6-dev-ppc64 in ubuntu hardy.

No description available for libc6-dev-ppc64 in ubuntu hardy.

libc6-i386: No summary available for libc6-i386 in ubuntu hardy.

No description available for libc6-i386 in ubuntu hardy.

libc6-i686: No summary available for libc6-i686 in ubuntu hardy.

No description available for libc6-i686 in ubuntu hardy.

libc6-pic: No summary available for libc6-pic in ubuntu hardy.

No description available for libc6-pic in ubuntu hardy.

libc6-ppc64: No summary available for libc6-ppc64 in ubuntu hardy.

No description available for libc6-ppc64 in ubuntu hardy.

libc6-prof: No summary available for libc6-prof in ubuntu hardy.

No description available for libc6-prof in ubuntu hardy.

libc6-udeb: No summary available for libc6-udeb in ubuntu hardy.

No description available for libc6-udeb in ubuntu hardy.

libc6-xen: No summary available for libc6-xen in ubuntu hardy.

No description available for libc6-xen in ubuntu hardy.

libnss-dns-udeb: No summary available for libnss-dns-udeb in ubuntu hardy.

No description available for libnss-dns-udeb in ubuntu hardy.

libnss-files-udeb: No summary available for libnss-files-udeb in ubuntu hardy.

No description available for libnss-files-udeb in ubuntu hardy.

nscd: No summary available for nscd in ubuntu hardy.

No description available for nscd in ubuntu hardy.